<?php
/*
 *      This program is free software; you can redistribute it and/or modify
 *      it under the terms of the GNU General Public License as published by
 *      the Free Software Foundation; either version 2 of the License, or
 *      (at your option) any later version.
 *      
 *      This program is distributed in the hope that it will be useful,
 *      but WITHOUT ANY WARRANTY; without even the implied warranty of
 *      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *      GNU General Public License for more details.
 *      
 *      You should have received a copy of the GNU General Public License
 *      along with this program; if not, write to the Free Software
 *      Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 *      MA 02110-1301, USA.
 */

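/*
 * XSS proof of concept: reflects the same request parameter back into the
 * page at three "security levels" so the effect of each output-handling
 * strategy can be compared side by side.
 *
 * The low and medium levels are left unsafe on purpose; that contrast is the
 * demonstration. Only the high level is a pattern to reuse.
 */

// Declare the response charset so it agrees with the charset passed to
// htmlspecialchars() below; a mismatch between the two weakens the encoding.
header('Content-Type: text/html; charset=UTF-8');

$html = "<html><head></head><body>
				<form name=\"XSS\" action=\"#\" method=\"GET\">
					<p>Introduce el texto que quieras</p>
					<input type=\"text\" name=\"xss_texto\">
					<input type=\"submit\" value=\"Enviar\">
				</form></body></html>";


echo $html;

// The parameter is absent on the first page load and arrives as an array when
// sent as xss_texto[]=...; normalise both cases to '' so every echo below
// receives a string (htmlspecialchars() throws a TypeError on an array in PHP 8).
$entrada = $_GET['xss_texto'] ?? '';
if (!is_string($entrada)) {
    $entrada = '';
}

// Low: the value is written into the HTML response unmodified, so any markup
// it contains is parsed by the browser as part of the page (reflected XSS).
echo "Nivel Seguridad Bajo: " . $entrada . "<br><br>";

// Medium: a deny-list, not a defence. str_replace() is case-sensitive, runs a
// single pass and removes only the exact literal "<script>"; every other way
// markup can carry script is left untouched. Kept here to show why filtering
// known-bad strings fails.
echo "Nivel Seguridad Medio: " . str_replace("<script>", "", $entrada) . "<br><br>";

// High: output encoding for the HTML context. ENT_QUOTES encodes both quote
// characters as well as & < >, and ENT_SUBSTITUTE replaces invalid byte
// sequences instead of returning an empty string. This is correct for HTML
// body text and quoted attribute values only; a value placed inside a script
// block, a URL or CSS needs the encoder for that context.
echo "Nivel Seguridad Alto: " . htmlspecialchars($entrada, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "<br><br>";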

?>
